Law Lost, Compliance Found: A Frontline Understanding of the Non-linear Nature of Business and Employee Responses to Law

This paper seeks to understand the transmission and reception of legal rules as a component of the regulatory compliance process. It adopts a frontline approach (Almond and Gray 2017) to regulatory compliance that traces the grassroot functioning of compliance processes from regulator, to compliance managers to individual employees. Through a multilevel and multi-sited ethnography of worker safety protection in Chinese construction industry, this paper shows that in the cases studied there is a fundamental disconnect in the transmission and reception of law from regulator to organization and within the regulated organization. Yet at the same time, the paper finds that employees did comply with the law, and that thus compliance can exist without a full transmission and reception of legal rules into and within the regulated organization. By expanding the frontline approach to study regulation and compliance to look at the grassroots operation across three different frontlines, this study has been able to assess the legal assumptions inherent in existing regulatory compliance research. Not only does it find that compliance in these cases was not a top-down process and that we need to look at the grassroots operation inside organizations, it also shows that law does not always play a central role in regulatory compliance and that we need to reassess the implicit focus on law in regulatory compliance scholarship.


Introduction
Studies of regulation and regulatory compliance seek to understand how regulatory laws can best influence organizational conduct to help reduce risk. A key focus in such studies is that legal rules somehow are transmitted into and received within the regulated organization. We can see this clearly in traditional approaches that focus on command and control and deterrence, where it is assumed that once organizational managers and employees come to learn what the rules are and what the consequences are of violating them, they will come to comply (Becker 1968;Hawkins 1983;Makkai and Braithwaite 1994;Parker and Nielsen 2009b;Schell-Busey et al. 2016). We can also see this in the study of responsive regulation, where regulators are supposed to escalate which legal instrument they use to ensure compliance based on the extent to which they can trust the regulated actor (Ayres and Braithwaite 1992;Baldwin and Black 2008;Braithwaite 2011;Mascini and Wijk 2009;Nielsen and Parker 2009). The idea here is still that transmission of the law, in this case ranging from explaining the law to warnings to a range of sanctions, is central in a successful regulatory strategy. And even in the approaches to regulation and compliance that do not focus on the regulator and seek to understand the perspective of the regulated actor instead, a focus of transmission and reception of law is still central. Consider for instance how Sally Falk Moore's work on how communities and organizations come to violate the law assesses these as semi-autonomous social fields that have their own norms that can come to resist outside legal norms (Falk Moore 1973). Or we can think of endogenous compliance studies that seek to understand how regulated organizations in their interaction with regulators come to shape the meaning of law (Edelman and Talesh 2011a;Talesh 2015bTalesh , 2009Talesh and Pélisse 2019;Lange 1999). Here we again see that the focus is on how law gets to be transmitted to the 1 3 regulated organization, but now with a focus on the reception part.
The present study seeks to assess the implicit assumption in regulatory studies that regulatory compliance entails the transmission and receptions of legal norms into and within organizations. It builds directly on the frontline approach to regulation and compliance (e.g. Almond and Gray 2017;Gray 2002Gray , 2006Gray , 2009Silbey 2011, 2014). As Almond and Gray (2017) have summarized this approach, it means using a bottom-up view that understands how regulated organizations function from within instead of a top-down view that sees regulated actors as sort of black boxes that respond to outside rules (Almond 2013, Glasbeek 2002Wells 2001;Van Rooij 2006;Silbey 2012, 2014;Tombs and Whyte 2013). This approach also shows that most regulated behavior occurs when regulators are not present and thus the focus should not be solely on the work of regulators or the interactions between regulators and regulated, but also very much on what happens inside regulated organizations Silbey 2012, 2014;Parker 2002;Whyte 2007, 2013). The frontline approach further questions the top-down directed nature of regulatory compliance, and argues that the regulatory process is not as directive, strategic, instrumental and top-down as assumed (Black 2001(Black , 2002Haines 2011b.). The frontline approach also questions a narrow approach to compliance where the core drivers of compliance come from state regulatory authorities, underplaying the role of other organizations and processes, and the broader political context (Tombs and Whyte 2013;Black 2001Black , 2002Van Rooij et al. 2016;Haines 2011a).
The present paper adapts the frontline approach in two manners. First it seeks to understand regulatory compliance across different regulatory frontlines. Rather than just focusing on what happens inside the regulated organization, the present study seeks to also understand what happens within regulatory agencies and in the interaction between regulators and safety managers. It thus offers a unique frontline view of multiple relevant regulatory frontlines. As such it integrates work on the frontlines of regulatory agents (e.g. Hutter 1988Hutter , 1997Lange 1999;Mascini and Wijk 2009), on the frontline of compliance and safety manager (Edelman 1992;Edelman et al. 1991;Edelman and Talesh 2011a;Gilad 2014;Parker and Nielsen 2006), and on the frontline of individual workers (Almond 2013;Feldman and Orly 2011;Gray 2002Gray , 2006Gray , 2009Silbey 2011, 2014;Shamir 2008;Silbey 2009). This produces a new integrated frontline view along the regulatory compliance processes.
As a second adaptation, the present study focuses on the transmission of regulatory rules at it occurs across these different frontlines. In doing so it uses the frontline perspective to critically assess the inherent premise in regulatory compliance studies that compliance involves the transmission of legal rules and the resultant interpretation of and behavioral responses to such rules. This allows us to move beyond current findings in the frontline approach to compliance that critique its top-down nature, which is apparent, to also fundamentally assess what role law actually plays throughout the process as it occurs at the grassroots.
The present paper assesses transmission and reception of law in regulatory compliance along these three frontlines through a case study compliance with work safety regulation in the Chinese construction industry. Using a multilevel and multi-sited ethnography, this paper studies the daily practice of regulatory encounters at three interrelated levels-external inspections, internal safety management, and worker operations-as well as how enforcement agents, safety managers, and workers perceive such practices.
The paper shows that in the cases studied there is a fundamental disconnect between these different processes and frontlines that obstructs the successful transfer from state law into everyday work-floor decisions. It shows how this disconnect originates in the divergent perceptions regulatory agents, safety managers, and workers have about their own work and their competing notions of work safety and risk. Ultimately, the result has been that both external regulators and internal managers, and ultimately the individual workers, have started to accept that there is minimal enforcement and that no one is personally responsible for continued violations. Yet, these workers have at times come to comply with the law, not because of the law itself, which never was successfully transmitted to the work-floor, but because of their own personal understanding of the costs and benefits of safety.
The cases studied in China exist in an authoritarian political system (He and Warren 2011;Landry 2008;Nathan 2003;Gallagher 2017), with a legal system that offers limited judicial independence and access to justice (Minzner 2011), where in-house counsel until recently do not play a direct role in compliance management (Bian 2019;Tao and Feng 2018), where there is limited regulatory autonomy and capacity (Van Rooij et al. 2018), and also where corruption and regulatory capture can influence the everyday functioning of legal and regulatory institutions (Wedeman 2012;Zhang et al. 2017). In some of these aspects the cases studied exist in a context that is different from the predominantly Western settings where most existing compliance research is conducted. Given how large the Chinese economy is, how large the Chinese construction sector is, and how vital it is that social and behavioral science move beyond theory developed from Western data that do not reflect settings outside (Henrich, Heine, and Norenzayan 2010;Jones 2010), the present study thus offers a vital non-Western perspective of regulatory compliance.
It is not our aim to directly generalize findings from our case study to a broader population of regulatory practices 1 3 in other settings, but rather we aim to generalize conceptually and use the findings to offer new insights in relation to existing literature that can be assessed empirically in other contexts in future research (cf. Small 2009;Gray and Singer 2014). The conclusion of this paper will reflect on these conceptual contributions as well as on future research that can assess them outside of the contexts studied here.
The remainder of this paper will proceed as follows. The first two sections detail our approach and methods for an integrative study of the three frontlines of compliance. This is followed by four sections discussing the regulatory, management, and individual frontlines of compliance with worker safety regulation in China. We then present our conclusions in the final section.

Approach
To develop an integrative approach to the frontlines of compliance, this paper focuses on three frontlines where compliance takes place: regulatory (from the perspective of enforcement agents), management (from the perspective of compliance and safety managers), and individual (from the perspective of the workers). Fortunately, we have a large body of available literature for each compliance frontline. We shall first review these literatures separately before showing their integrative themes and how this flows into our approach to study compliance across the three frontlines.

The Regulatory Frontline
Earlier studies of regulatory enforcement have demonstrated that regulatory enforcement is about more than punishment and deterrence. Kagan and Scholz, for instance, have argued that at the regulatory frontline, enforcement agents can act as educators (who help companies), politicians (who persuade) and cops (who, in case that fails, punish; Kagan and Scholz 1984). Later work has further specified these roles, seeing that in the practice of the regulatory frontlines there may be a range of enforcement styles and enforcement style dimensions that enforcement agents adopt during inspections and in sanction decision-making (McAllister 2010;Winter 2000, 2011;May and Wood 2003;McAllister 2010). Enforcement styles may differ in terms of how coercive, formalistic, educational, persuasive, and proactive they are (McAllister 2010), but at the same time, research shows that the regulated actors also vary in how they respond to regulators. Using the term "motivational postures," Valerie Braithwaite and colleagues have shown that responses vary from resistance, disengagement, capitulation, to commitment (Braithwaite 2003;Braithwaite et al. 1994;Braithwaite, Murphy, and Reinhart 2007). In the interplay between regulatory enforcement and the responses of the regulated, communication plays a key role. The enforcement style is communicated to the regulated actor, although studies have shown that the regulated actors may not perceive the enforcement style adopted in the same way as the regulator (Mascini and Wijk 2009), and there may thus be a mismatch between what the regulator tries to communicate and how the communication is received by the regulated. The regulatory frontline is also where the regulators get to choose which elements of the law to activate and enforce, and how to interpret these laws. Here Hutter has shown, for instance, that regulators will always have legal and factual discretion as they get to interpret what the law is and also to determine priorities on where to apply it and to assess whether or not compliance is being achieved (Hutter 1988(Hutter , 1997. Lange (1999) has shown that both the behavior and the very meaning of legal rules can be negotiated, which helps to narrow gaps between rules and social practice. Finally, in all of this we see that regulators operate as street-level bureaucrats, who face multiple and often conflicting tasks and goals, and in everyday practice at the regulatory frontline must find coping mechanisms to manage the professional and personal risks that arise from their position (Lipsky 1980).

The Management Frontline
There is also plentiful work on the second frontline, that of the compliance and the safety manager within the regulated entities. As the analysis of a survey response from 999 large Australian businesses (Parker and Nielsen 2009a) shows, good management and good values are most likely to influence actual compliance. Studies in the fields of consumer rights law and antidiscrimination law in the USA (Edelman and Talesh 2011a, b; Talesh 2015a, b) have shown that internal managers actually function as intermediaries and thus shape the meaning of the law and what elements are or are not activated. Moreover, as Huising and Silbey (2011) describe, frontline compliance managers are able to govern the gap between regulatory expectation and performance through a set of relational transactions. In this sense, managers play a key role in being compliance-promoting or compliance-limiting (Gray and Silbey 2014;Simpson and Koper 1997). However, Hutter's study of the British Railway (2001) draws attention to the fact that, in complex organizations, different managerial groups receive and interpret knowledge about regulation and risk, which in turn shapes their perceptions of risk, responsibility, and compliance. A range of scholars has sought to understand whether compliance management programs are effective in reducing corporate wrongdoing and crime. The evidence is quite mixed. Some studies report positive effects. Coglianese and Lazar's study of government mandated compliance management programs in the USA found that, although violations have continued, the programs did help to reduce risk, especially when the programs brought independent internal monitoring and oversight (Coglianese and Lazer 2003). In a similar way, Parker and Nielsen, in their study of 1000 firms in Australia, found that particular elements of compliance management programs correlate with better selfreported compliance, most notably a dedicated compliance manager function, a robust system for handling complaints, and external oversight over the functioning of the compliance management system (Parker and Nielsen 2009c). Many other studies were much more negative. McKendal and her colleagues studied compliance management at 108 American firms and found that ethical compliance management was more about "window dressing" or a marketing ploy than it was actually about decreasing violations (McKendall et al. 2002, McKendall andWagner III 1997). Kim Krawiec found that compliance management programs did not deter corporate offenses and only provided cosmetic compliance that ensured "market legitimacy and reduced legal liability" (Krawiec 2003). Another example of such negative views on the effects of compliance management efforts is in a study by Gary Weaver and colleagues of 1000 American industrial and service firms, which found that compliance was more about low-cost optical management than actual improvement of corporate behavior. Some scholars have even found that compliance management might make corporate behavior worse. One study found that willful and repeat offenses were more frequent the more firms had adopted ethical compliance into their operations (McKendall, DeMarr, and Jones-Rikkers 2002).
All in all, our reading of this overall literature has found that internal compliance management has mixed effects, and that it ironically works best where it is least needed, namely where there is effective internal oversight, strong leadership commitment to compliance, and a compliant organizational culture (Parker andNielsen 2009c, 2009b;Coglianese and Lazer 2003;Kaptein 2011).

The Individual Frontline
Finally, there is the work on the third frontline, that of the individual organizational member. Here, there is a large body of work that has sought to understand what factors shape individual compliance from across different disciplines, including criminology, psychology, and regulatory studies. Studies here have tended to focus on individual decisionmaking in response to legal rules, including how people may come to obey or break laws, depending on whether or not they perceive a strong threat of punishment (Nagin 2013). Individual responses to rules also depend on social norms and whether people see others complying with the law or think their peers prefer compliance (Cialdini 2007;Cialdini et al. 2006). Moreover, morals and legitimacy matter, as compliance will be higher when people personally agree with the law or think that obeying the law generally is the right thing to do (Nagin and Telep 2017;Tyler 1997Tyler , 2006Tyler and Darley 1999;Nagin and Telep 2017). Closely related to this, people who feel shame or embarrassment in breaking the law will be more compliant (Braithwaite 1989, Grasmick et al. 1991, Tangney et al. 2014, while those who successfully can neutralize such feelings are more prone to rule violation (Sykes and Matza 1957;Maruna and Copes 2005;Siponen, Vance, and Willison 2012;Sykes and Matza 1957). There will also be fewer violations when people do not have the opportunity to break the law (Cohen and Felson 1979;Pratt, Holtfreter, and Reisig 2010;Sampson, Eck, and Dunham 2010), but in the meantime, people need to have the capacity to obey the law and there will be more violations, for instance when people lack legal knowledge (Darley, Carlsmith, and Robinson 2001;Kim 1999;Darley, Carlsmith, and Robinson 2001). Indeed, many people may simply not make a conscious rational decision but act in response to unconscious triggers and heuristics in their environment, which can make them more or less compliant Kahneman 2011;Kahneman and Tversky 1979). Individuals in organizations may also respond by acting as whistle-blowers when they see others break the law (Feldman and Orly 2011;Liyanarachchi and Newdick 2009;Macey 2007;Miceli et al. 2013;Near and Miceli 1995).
A common element in all these approaches is that there are set variables that we can know beforehand that come to shape individual behavior in organizations. Such approaches thus have a strong deductive form of logic and also an instrumental view that presupposes how individuals will think and act. The frontline approach to regulatory compliance has been critical of such simplistic and instrumental view and has stressed that the way individuals experience their work and the way they experience safety and rules related to safety will come to interact with their everyday work practices (Almond and Gray 2017). This shows that we should not just deductively assess what variables shape worker compliance, but also how these workers themselves view and explain their own behavior.

Transmission and Competition across Four Processes at Three Frontlines
We see that there are five crosscutting themes in these studies of what happens at each compliance frontline. The first theme is that at each frontline there is variation in regulatory communication. This has been most clearly studied at the regulatory frontline, where we have enforcement styles and motivational postures, but we may also find management styles and motivational posture responses at the management level, and interpretations of both enforcement and management styles as well as motivational postures at the individual level. A second theme is one of norm activation and interpretation. We see that only a selection of legal norms actually gets filtered through each frontline, and thus that only a part of the broader law in the books gets activated into law in action (cf. Pound 1917). What we mean here is an exante activation of law, where the law is transmitted to shape behavior before or as it occurs, in contrast to an ex-post transmission that occurs to assign liabilities once deviant behavior takes place (cf. Darley, Carlsmith, and Robinson 2001). Across the frontline encounters, the transmitting and receiving actors get to interpret what the legal norms are and thus shape the meaning of law, just as we have learned from the endogenous research on compliance (cf. Parker and Nielsen 2009a). A third theme is one of attempted domination and resistance, where the recipient has the ability not just to reinterpret the rules but also to resist their functioning in daily operations (cf. Scott 1985;Braithwaite 2003;Braithwaite et al. 1994;Braithwaite, Murphy, and Reinhart 2007;Scott 1985). A fourth theme is how both transmitters and receivers of legal norms at each regulatory frontline engage in personal risk management, blame shifting, and dealing with competing pressures, which shapes how they transmit and receive legal norms (cf. Lipsky 1980;Lloyd-Bostock 1992). The fifth theme is how, at each frontline, legal norms coexist and compete with bureaucratic, organizational, and personal norms and practices, which ultimately determine what constitutes the norms that get to shape behavior (Heimer 1999;Falk Moore 1973).
Based on these five themes, our approach is to see compliance at the frontlines as a process of transmission and reception of legal norms (which includes the style of transmission and reception, as well as the activation and interpretation of such norms) and competition between these transmitted legal norms and the organizational and individual norms and practices, which in turn are shaped by how frontline actors use their discretion and power to resist to develop coping mechanisms to deal with risks and conflicting expectations and pressures. Compliance at the frontlines should thus be seen as a reiteration of the processes-well described by both Sally Falk Moore and Heimer-of how legal norms compete with other norms in organizational contexts (Falk Moore 1973;Heimer 1999). This process repeats itself as the legal norms go from external enforcement to management in the organization and from management to the individual organizational members.
To understand compliance at the three frontlines therefore means that at each level we have to understand the interaction between legal norms (how they get activated and interpreted) and social and personal norms. At each level we therefore look at what legal norms are activated, the manner in which they are communicated and received, as well as the organizational and social norms at play. The remainder of this paper will illustrate this through an in-depth ethnography across the compliance frontlines as they play out in the regulation of work safety in a Chinese city.
To do this analysis we shall look at four processes where transmission and competition take place across the three regulatory frontlines: (1) the transmission of legal norms to enforced norms; (2) the transmission of enforced norms to organizational norms; (3) the transmission of organizational norms to sub-organizational norms; and (4) the individual behavioral responses to legal, enforced, and organizational norms ( Fig. 1).

Methods
This study carries out the analyses of the four transmission and competition processes across the three regulatory frontlines using data from in-depth multi-site ethnography (Marcus 1995;Falzon 2016) of work safety regulations in the construction industry in a provincial capital in southwest China. The first author conducted over one year of fieldwork, including a total of eight months doing direct observation (Jorgensen 2015;Musante and DeWalt 2010) at each of the three frontlines: at the local regulatory enforcement agency, both at the bureau as well as during inspections; at the internal safety management office of the construction projects; and on site with the construction workers.
The study was conducted in two worker safety regulatory agencies, three construction projects, and amongst a total of 183 workers over these three construction sites. The agencies were selected because they were operating in very different districts, one in an old urban neighborhood in the main economic and political center, while the other was in a newly developed area with much new construction. The  Individual Frontline construction sites were selected based on their location (within the jurisdiction of one of the selected agencies), and practically for sites that allowed an external researcher full access to do participatory research with both safety managers and workers. The three sites selected had different characteristics: one was a small construction company, while two were medium sized; and two were non-local companies, while one belonged to a local firm.
To study the work of the regulatory agents and analyze their interactions with managers at the regulated enterprises, the first author conducted a total of 14 weeks of fulltime participant observation (Jorgensen 2015;Musante and DeWalt 2010), working as an intern/researcher at each of the selected regulatory agencies. Similar to Mascini and Wijk (2009), the first author accompanied inspectors when they did onsite inspections at construction sites. As an unpaid intern, she assisted the agents in note-taking or taking pictures and in filing documents. During the inspections, she could thus observe directly what rules the inspectors focused on, how they interacted with regulated actors, and how these rules then were transmitted. She carried out additional semi-structured interviews, with all inspectors in the two jurisdictions studied (n = 11). In these interviews inspectors were asked how they organized inspection work, how they thought about the existing legal rules, and how they operationalized these rules into their inspection practices. The interviews were carried out one on one and in the office and lasted for one hour. In addition during inspections the first author asked informal questions to better understand what she observed and how inspectors viewed their work as it occurred. Such informal questions were ethnographic interviews (cf. Talesh 2015bTalesh , 2009).
The first author also carried out prolonged participant observation (Jorgensen 2015;Musante and DeWalt 2010) at the three selected construction sites. Here she worked as an informal intern with the safety staff. She did not carry out any assignments as an intern, but was just allowed to be present and observe. During this period, she conducted firsthand observation of the routine activities of safety compliance managers at each of the sites. She also observed regular management-level meetings and could thus understand how manager discussed construction progress and management issues. She was allowed to walk around freely on the construction site and observe the behavior of lower level managers and their interactions with work teams. She also conducted in-depth one-on-one interviews with 41 individual managers at the three selected construction sites, including top managers, project managers, safety compliance officers, labor subcontractors, and work team headmen. Each of these interviews lasted about an hour and was conducted in their offices on site. Some of them were interviewed twice. In these interviews managers were asked about personal history of working in the construction industry, how they organized inspection work, how they thought about the existing legal/ organizational rules, how they operationalized these rules into their inspection practices, and how they thought about external regulation. Besides, the first author also conducted short informal ethnographic interviews (cf. Talesh 2015b, 2009) during inspections.
Finally, the study of individual workers and their compliance behavior was conducted through a combination of direct observation (Jorgensen 2015;Musante and DeWalt 2010) and semi-structured interviews (Bernard 2017). To understand their behavior, the first author directly observed how workers behaved with regard to three key daily operations regulated by Chinese worker safety law: the use of a helmet (which is mandated while on site), the use of a safety rope (which is mandated when working in elevated positions), and the proper safe use of electricity (by using it directly from well-grounded sockets and doing so under supervision of management). Following this observation, she then conducted semi-structured interviews with each observed worker on site where they were working. These interviews were semi-structured in the sense that they had a structure that guided the interviewee through open-ended queries in relation to the individual variables that might shape their compliance, and also asked them fully open questions on why they had used safety gear in the way that they had. This allows for both a deductive analysis of what shapes their behavior, befitting the existing individual compliance literature variables, as well as an inductive analysis where the worker's own interpretation and explanation is key rather than that of existing theory. In order to ensure that workers felt comfortable during the interview they were conducted as a dialogue structure (cf. Van Rooij 2016;Yan, Van der Heijden, and Van Rooij 2017;Van der Heijden 2015, 2016;Van Rooij 2016). Each interview started with an open question about how long workers have worked there and then ensued in a short conversation that the first author nudged towards how workers do their job and then to one of the three types of behavior she was studying. Once the behavior had been described she would ask why they conducted their work in that way. She then recorded all answers to this question and prodded deeper when things were unclear. She would then ask whether there were any other explanations and also record these until the worker had no other explanations. This was then repeated for each of the behaviors studied. In this manner the interview recorded the explanations that workers themselves had for their behavior, and could analyze both those that fall under existing theories of compliance, as well as those that we learned inductively through the workers.
Each of the three companies studied did have a law department with legal counsel. Such legal departments have developed in China since the early 2002 when the Ministry of Justice started to promote in-house counsel in non-state companies. Since then there has been a rapid development of legal counsel in Chinese businesses, especially those with sufficient size and resources to be able to pay for their own in-house lawyers (Huang 2014). However, in China such legal counsel predominantly focuses on traditional legal advice such as contracts, intellectual property, tax, and litigation. And this is not different for lawyers working in-house in the construction industry (Chu 2012). Legal counsel in China has been far less involved in compliance management itself (Bian 2019;Tao and Feng 2018). For this reason legal counsel at the three companies were not directly interviewed. And during the observations at the three frontlines it became clear that legal counsel were not present, they were absent during encounters with inspection agents, during internal safety management inspections, and during daily work at construction sites. The only matters where legal counsel would get involved were legal training for the highest-level managers and in case of major disputes. As one interviewee explained: "In-house counsel is usually absent unless a case (i.e. an incident or accident) happens" (Int. M-I-HUANG).
Analysis of the data included two processes. First, all observations were recorded through meticulous daily note taking (Bernard 2017), and all interviews were recorded with the consent of the interviewees and transcribed afterwards. Second, the first researcher conducted a textual analysis of all these written notes and developed a raw table (Rihoux and Ragin 2009) (using Microsoft Word) that structured the data along categories drawn from the data itself, and that was then used to structure all data (both observation notes and interview responses) in one or more of these categories. Third, in order to assess the frequencies different respondents gave particular answers the first author coded the answers in the raw table (Rihoux and Ragin 2009) and developed a Microsoft Excel spreadsheet where she assigned scored frequencies and percentages of the data.
These methods offer a unique view at all three regulatory frontlines and also at all four processes that we seek to study here. To our knowledge no other study has succeeded in getting such a multi-actor and multi-process view of regulatory compliance, from regulator, to internal management, to lower level workers. However, like any other study this one has some limitations. A first and foremost limitation is that the qualitative nature of the study does not allow for direct generalization beyond the cases and contexts we studied here. This is also not the purpose of our study, instead we seek to generalize conceptually and use the findings to offer new insights in relation to existing literature that can be assessed empirically in other contexts in future research (cf. Small 2009;Gray and Singer 2014). Another limitation was that our direct observation focused on three common, and easily and systemically observable forms of regulated behavior with the workers on site (helmet, safety rope, and electricity use), which omits many other kinds of regulated behavior that we simply could not systematically study. The third limitation is that the available time for interviewing with all actors was limited and therefore choices had to be made what to focus the interviews on. This means that the study has not developed in-depth data about issues such as the interviewees general views and experiences with law (and thus also not their legal consciousness generally). The study also has not gathered in-depth data on the day-to-day interactions between headmen and individual employees. And finally, while we do have data from all three regulatory frontlines, the regulatory frontline data covers a larger subset of sites than the ones we were able to study for the management and the individual frontlines.

Process I: From Legal Norm to Enforced Norm
At the regulatory frontline-where ultimately governmental regulators and regulated managers meet-two processes are at play: legal norm activation and the transmission of activated norms from enforcement agents to organizational management. The first process, discussed in this section, is how enforcement agents select and interpret the law, and thus activate part of the overall relevant legal rules into norms that they actually set out to enforce.
There are two elements of the activation of legal norms into enforced norms. The first is what part of the law gets selected for inspection, and the second is to what extent these inspections result in some form of law enforcement action.
Like many of their colleagues, the inspectors we study here probably work to inspect an overwhelming amount of law. The overall rules in China's Construction Law (amended in 2011) have been operationalized in the State Counsel Regulations of Safe Production Management for Construction Projects, which in turn have been further developed to guide enforcement work through the Ministry of Housing and Urban-Rural Development Standard for Construction Safety Inspection (known under the code-name JGJ59-2011). These inspection standards prescribe 19 categories that inspections should cover, covering 189 items in detail. According to the law, the safety inspectors should therefore inspect at least 189 items.
In practice, the regulatory inspectors are unable to do so. In each of the bureaus there were only a small number of inspection staff (five in one and six in the other) responsible for a large number of inspection sites. With such limited staff, inspections take about one hour and require two or three inspectors at a time to deal with the size and complexity of operations at construction sites. Moreover, the rules are so elaborate and complex that inspectors admitted that they could not remember all of them in detail.
Thus, in practice, inspectors make a selection from the 19 categories they are legally bound to inspect and that companies are legally required to comply with. Generally, unless inspectors targeted particular problems when directed to do so by higher authorities, or because of earlier inspections or complaints, inspections tend to focus on only four core aspects: documentation of the status of safety management work; the proper use of safety measures and equipment (such as safety nets outside the building and climbing protection facilities); the proper design and use of electricity; and the overall status of high tower cranes. Even when they inspect these four aspects, they do not strictly follow the letter of the law. Rather, inspectors are guided by their overall impression while on site. If their first impression shows a site that is clear and in order, they will not pursue a thorough inspection and will assume that there are no major safety concerns. But when a site looks messy, we observed that inspectors tended to become more thorough and also expand the aspects to be inspected beyond the usual four. For instance, we saw that rather than checking whether the right documentation was there, at sites that were messy, inspectors would also check whether the content of the documentation was correct and true. Similarly, inspectors would also become more thorough when they thought that management responded poorly to their inspection.
We, therefore see that, in this first part of the first process, a large selection of legal norms has already been made. We see that of the full law, only a small part gets activated in daily inspection practices. Out of 19, only 4 get inspected, and these not very thoroughly. Moreover, we see that agents use heuristics to filter the complexity of on-site operations to make judgments about whether more thorough inspections encompassing a larger body of the law are necessary. One heuristic is the overall state at the site, and the second concerns the quality of responses and communication from regulated actors.
The second element of enforcement work that activates legal norms into enforced norms is the actual enforcement reactions that follow when violations of the law are found during on-site inspections. If inspectors do not follow each violation detected with some form of enforcement response, the transmission of the legal rules into enforced rules is further restricted. Our research indicates that detection of violations hardly ever resulted in enforcement action. Table 1 below provides an overview of sanctions issued during inspections where violations were detected. Clearly, we see that no true enforcement sanctions were issued for any of the violations. All inspectors did was issue oral and, very rarely, written warnings.
In this first process, there is a very restricted transmission of legal norms into enforced norms. Only a fraction of laws are inspected, and of that only a fraction of detected violations ends up with even the least coercive form of enforcement. If we see enforcement as sanctions for violations found, we could simply say that none of the legal norms ever becomes an enforced norm.
The transmission is so restricted largely because the norms in the law compete with the bureaucratic norms that shape the behavior of agents. Some of these bureaucratic norms are practical. There simply is not sufficient enforcement staff to do the full list of items the law demands companies comply with and inspectors check.
Equally important is the bureaucratic norm that originates from how the regulatory agency sees its own mission. Rather than seeing its work as enforcing safety law, the regulatory agency defined its task as supporting self-regulation. As one chief inspector explained: "We just play a role of assisting, reminding and supervising from the outside, while the construction company takes total responsibility for their overall business behavior. We cannot take the place of the construction business, neither can we become safety manager of construction project" (Int. R-I-ZOU). The assistance and promotion of self-regulation, rather than enforcement of the law are the bureaucratic norms, which are at odds with the clear tasks the inspectors have to enforce highly particular aspects of the law.
A third bureaucratic norm at play is the existing incentive structures for enforcement agents, which consist of a combination of rewards for doing good enforcement work and costs that can come from the risks of doing thorough enforcement work. Overall, we see that there are far greater risks and costs of doing proper enforcement than there are benefits. On the benefits side, we see that due to the flat structure of the enforcement organization, as well as the nature of the salary scales, there is virtually no positive reward (promotion, pay increase, or bonus) that inspectors who would do a better enforcement job could get.
At the same time, thorough inspectors face strong risks that force them into formalistic, rather than effective work. There are two risks at play here. The first is the risk of being blamed for lax enforcement, should an accident happen at a site that they were supposed to inspect. To deal with this Bad (n = 18) 12 6 0 0 0 risk agents will try to "leave a trace of an inspection." For instance, they will take a picture of the problem/violation detected; they will make sure to give a written feedback notice to the company (stating the problems identified and a suggestion or rectification requirement made by the safety station) at the end of an inspection just so that the bureau could show that, in case an accident happened later, they had already notified the company of the risks, so the inspectors and bureau would not be to blame. The second sort of risk comes from projects that are directly protected by the local government. For these projects, enforcement agents simply cannot take any real enforcement action. As one agent explained: "You have to know where the boundary is and not create any actual deterrence" (Int. R-II-HU). Inspectors who cross this boundary will face the consequences. A good example are agents who issued a work-stop order at a terrible construction site, which they later discovered was locally protected. The inspectors received a "call from above" while they were still on-site and were forced to withdraw the order. They returned embarrassed, feeling like fools, and their agency was severely discredited.
Overall the norm here is not to upset strong local political interests, and this requires a balancing act that results in formalistic but weak enforcement. The ground rule is not to enforce so strongly as to obstruct local development, especially if it is closely tied to local leadership or policy, while also maintaining a base level of enforcement so as not to become liable for accidents should things go wrong.
A fourth, and final, bureaucratic norm that competed with the legal norms and obstructed transmission into enforced law concerned the long-term relationship with the regulated actors. In many interviews, we found that inspectors did not want their work to result in tensions with the construction companies. As one inspector stated: "If you always act to enforce the law, and issue sanctions, you will end up in an adversarial relation with the regulated company, which in the end will undermine your work. Nobody likes an uneasy relationship" (Int. R-II-LIU). At the same time, agents also worried that construction managers not underestimate them and that if they did not act at all, they would lose authority. One inspector observed, "We should strategically maintain our authority through our attitudes and action. Otherwise construction companies will not take us serious. And how can we then do inspection work properly?" (Int. R-II-LIU). Thus, the norm was to find the proper balance: not enforce so strongly as to upset the relationship, but also not so meekly as to lose face and authority.
The limited transmission from law to enforcement occurs because enforcement agents operate in a bureaucratic context that produces norms that often oppose firmer enforcement. The regulatory agency itself thus exists as and in a semi-autonomous social field that produces its own norms that can resist the transmission of legal norms, just as Sally Falk Moore (1973) found in her case studies in Tanzania and New York City.

Process II: From Enforced Norm to Organizational Norm
The next question is how the enforced norms enter into the organization. This means that we must understand how the safety managers at the construction site who interact directly with the regulatory inspectors have experienced these inspections, what they learn from the inspections, and how they have responded to them (cf. Mascini and Wijk 2009).
Our study has shown that safety managers develop their own sense of the applicable legal rules. Safety managers all have to undergo training in safety rules as part of the qualification certification process, so they do learn about relevant national safety laws. Managers have translated this knowledge into posters and billboards that summarize the core rules and these are posted in their offices.
Safety managers are therefore aware of the applicable legal standards that safety inspectors are supposed to inspect. Safety managers also know that regulatory inspectors cannot check all 189 items listed in the 19 tables of this standard. As one manager explained after stating that inspecting all items was impossible: "There are only two or three inspectors for each inspection. Therefore, all they can do is conduct some routine checks and discuss what they then get to observe" (Int. M-III-HAN). Another manager explained, "(Inspectors) check documents and records about the construction project. It sounds complex but document review is just to see whether we have these files. Inspectors normally do not check actual contents" (Int. M-I-YE).
Overall, managers did not think inspections were very thorough or covered all the areas of the law they should cover. Moreover, all of the managers we interviewed indicated that the consequences of being found in violation were very minor. They all indicated that inspectors did not impose fines when they found normal violations, but only when there were major accidents. Of course this is not surprising, given what we know about how weakly the law is enforced.
Through these experiences the safety managers learned that there was a broad body of law that applied to them, of which only a fraction gets inspected and which is largely left unenforced. Even when enforcement agents do issue a formal warning or notice-to rectify a particular violation, for instance-there is often no serious follow-up. As one manager stated, "Even though they issued a (rectification) notice, they just meant to give a formal reminder. We of course will make the rectification. But to tell the truth, inspectors won't come back for a re-examination" (Int. M-I-ZHAO). What managers learned was not just that only part of the law got activated through inspections and there was no stringent enforcement, but that even when agents did issue warnings they were not committed and did not follow through.
Managers developed their own views of the governmental inspectors. They indicated that inspectors knew as well as they themselves did that full compliance and safety was impossible and that they would not seek to enforce the law to achieve this unrealistic goal. As one manager explained, "Honestly, there is no construction project without any safety problems. Anyone can say something about these problems. However, it is impractical to demand 100% perfect safety at construction sites. Inspectors of course know the reality and thus they inspect without strong action)" (Int. M-III-CHEN). Managers also thought that inspectors might know full well what violations occurred but simply did not act, as this would mean shutting down all local construction. As one manager explained, "The local government tends to keep a balance. If it strictly implements legal criteria, most construction projects might be disqualified. Could the local government risk shutting down the whole construction sector? The government will try to balance continuing construction with controlling risks. And this automatically results in discounting safety regulation" (Int. M-I-HUANG). Managers also learned that, to continue receiving lenient regulatory treatment, all they needed to do was maintain good communication with the inspectors. As one manager observed, "The inspectors will not cause any serious trouble unless you are a trouble maker"(Int. M-I-ZHAO).
Despite the lack of strong inspections and any likelihood of strong sanctions, managers would go out of their way to try to hide violations from inspectors. Rather than being compliant, managers would try to make their sites "look compliant." What happened during inspections reminded us very much of what Garry Gray described as Potemkin Villages, where the factory managers he studied would create enacted forms of safe production only while inspections were on site (Gray and Silbey 2012). At the sites we studied, we observed similar practices. At one site, safety managers organized an internal enforcement campaign to enhance safety, by penalizing five workers, for instance, each for 1000 RMB, for not wearing their safety helmets. There was suddenly strict internal enforcement of relevant safety norms. This was all, as we learned, in preparation for a governmental inspection. As soon as that inspection was over, matters returned to their normal non-compliant and unsafe state of affairs (Case I-16). A safety manager at another site explained how they would address an impeding inspection as follows: "If our project is selected, we all know there are lots of practical problems on the construction site. Anyway, what we can currently do is to make full use of the last two days: on the one hand to supply necessary documents about the project; on the other hand to carefully check safety issues throughout the project." (Int. M-III-HAN). After which he explained how they should temporarily stop operating equipment that was not licensed and warned that they should ensure a good overall impression: "If inspectors find aspects looking unpleasant they will check for further details. As we all know, no construction project can stand a detailed inspection." He concluded that, just for this inspection, they must clean up, even if it came at a cost: "For this special period it doesn't matter that construction progress slows down. We have to make a good preparation for the inspection." (Int. M-III-HAN). Indeed, after a couple of days of hard work to create the right impression during the inspection, the site returned to normal operations as if nothing had happened (Case III-21). In the worst case we observed, the construction site-facing a small-scale enforcement campaign (due to a signal case: an injury after a tower crane accident at a local construction site)-spent an entire harrowing week filling 25 empty boxes that should have contained their safety filing records, with thousands of safety training documents, equipment safety records, internal safety inspection documentation, and operator safety certificates complete with backdated signatures. Following the inspection, no further updates of these files was done .
Managers would also construct fabricated compliance by leaving a trace of their internal inspection work during normal daily processes. They would do so by formally recording their inspection work to prove that it had been done, rather than actually effectively checking and remedying for safety. When one manager checked a compressor machine, he only made a record of basic production information. "In case safety inspectors come to check whether we have done proper internal supervision for checking (safety compliance), I need to make a file of evidence." Yet, he never actually checked whether the machines worked well (Case I-07).
What is interesting here is that despite the lack of thorough inspections or strict enforcement, safety managers did go through much effort and cost to seem to be in compliance during inspections. What this shows is that despite the small risks at play, they were still afraid. This indicates the highly risk adverse nature of the safety managers, although one that is highly responsive to particular inspections and not one that leads to actual deterrence that improves everyday compliance.
Overall, what we see here is a remarkable convergence between the enforced norms and the managerial norms. We see that both inspectors and safety managers do not think the law can be fully inspected or enforced. Both see the practical troubles of inspecting fully, as well as the risks of strong enforcement. Yet both are also risk adverse-albeit for different risks-with the inspectors fearing political risks as well as the risk of losing authority and good relationships with the managers, and the managers fearing the small risk that inspections would unearth big violations and result in stronger enforcement. Yet their reactions to these risks are similar: they both try and show that they do their job and enforce safety standards, yet they never really do so to create a truly more compliant organization with better safety.
The norms of weak enforcement coalesce with the safety management norms to foster a situation where violation and deviancy is normal and accepted, and where, at most, it must be concealed or shown to have been addressed temporarily should there be extra attention. The law therefore faces not one but two semi-autonomous social fields that have developed norms that obstruct its functioning to improve safety behavior in construction enterprises.

Process III: From Organizational to Sub-organizational Norm
Our next analysis looks at the functioning within the organization and how organizational norms are transmitted from the safety managers downwards to the line managers who oversee the day-to-day construction work. Before we begin this analysis, we must realize the complexity of the organizations at play in these three construction projects. These projects are highly fragmented organizations, where the construction work is done by workers who work for subcontractors who are not directly managed and controlled by the company; these workers are paid and directly managed by their headmen, and thus are not directly dependent on or loyal to the overall management of the construction company. What results is a patchwork of small highly independent units that carry out the work for the construction company. As a manger remarked ironically, "We were even unable to tell the exact number of teams actually working on this construction site" (Int. M-II-LI), Consequently, there are multi-hierarchies within a construction project, and its internal structure is fragmented with a separation between the construction company management layer and the operational layer; within the operations, there is further fragmentation between the different worker teams, as well as other flexible employees.
In this setting, the transmission of organizational norms is highly challenging. Construction company managers simply do not have any direct authority over the operational managers and headmen. The result is that the organizational norms come to compete with the operational norms of the sub-contractors and their headmen (Fig. 2).
Headmen are crucial here, as they directly oversee the workers and have a close relationship with them. As one company manager explained, "Some (workers) might be obedient, but you have nothing to do with them actually. Thus, I normally go directly to contact the headmen" (Int. M-III-ZHAO). Headmen are thus crucial in compliance and the transmission of safety norms into the organization and to the workers who must ultimately comply with them. In practice, headmen operate with a high level of independence from company safety managers, as they work for subcontracts and not directly for the company. Consequently, headmen can resist or ignore the decisions of the project manager. For instance, the headman of the steel construction work team explained, "We contracted the steel work of this building. We construct generally according to our schedule. Of course we will coordinate with the project manager. But if sometimes we disagree with each other, I will carry out my decision" (Int. M-I-MA). Headmen can also resist safety management through sabotage. One company Operational Layer manager stated, "If I fined the headman of the steel bar fixer for 500 Yuan, in return, they might quietly waste building material for 5,000 Yuan during the work" (Int. M-III-HAN).
In theory, the company safety managers could try overcome resistance and sabotage by the headmen by turning to the subcontractors that have hired them. In practice, however, this is easier said than done. On the one hand, there is a co-dependent relationship between the subcontractor and company, in which the subcontractor has more autonomy than if they were just normal company employees. This is especially so because the subcontractor prepays the brunt of the construction material and personnel costs. On the other hand, the construction process is coordinated by middle managers, who lack authority and control over the sub-contactor. What results is a form of "situated management": some subcontractors may be cooperative and respect the authority of the middle-level manager, while others may not. For instance, in one case (Case III-04), the first author witnessed how the company managers failed to collect fines they had issued against a sub-contractor because their staff simply denied the violations at first and then, when presented with evidence, said they could not sign the ticket until their chief manager came back. However, the chief manager did not show up at all that day. A manager in Project I also complained about similar practices, "Of course I have power of fine on paper, but how can a fine actually be implemented when the construction funds were even prepaid by those subcontractors or work teams? Even if I really made a fine, the subcontractors could go and negotiate with the boss, then the boss might withdraw the decision. Then who will take you seriously? (Int. M-I-FAN)." Subcontractors can thus resist company management control, undermining the successful transmission of norms from safety managers to operational managers.
The fragmentation of work amongst different work teams also makes successful transmission of norms and safety management very challenging. In project III, the project managers had to coordinate different labor teams at routine internal meetings. At the beginning, the headman of the plumbers' and electricians' team pointed out a safety hazard: the wire pipelines that they had put along the floor were destroyed by other working groups and electric wires were laid bare, which became a potential hazard. Other headmen, however, denied involvement with this matter. Later, the four headmen blamed each other, claiming their work was interrupted by other working groups. Ultimately, the project manager had to solve the problem (Case III-17).
The fragmented internal structure of the construction projects therefore undermines successful transmission of norms into the organization and hampers compliance management. There are several broader insights about how compliance is interrupted and obstructed within these organizational processes. The first is that, with the fragmentation of organizational authority, there exists a kaleidoscope of autonomous actors with their own interests, so the daily construction operation has become riddled with bargaining about compliance and non-compliance. Each of the suborganizational units and actors have their own norms that come to resist or shape the safety norms that have developed into organizational norms through processes I and III. These sub-organizational norms exist as a multitude of "semi-autonomous social fields" (Falk Moore 1973) that can thwart or alter the company safety norms that seek entry into the sub-organizational operational units.
A second insight is that, with fragmentation and competing sub-organizational interests, compliance becomes about formalistic management and blame shifting. Company safety managers knew full well that they would fail to achieve compliance, because they lacked the authority and power to overcome the organizational fragmentation and reach the workers whose behavior is at the core of compliance. Rather than ensure real behavioral change and reduction of risk, company safety managers focused on creating a paper trail of checks and verifications through meetings and self-examination reporting that would summarize existing problems and notices for rectifications, but without following these up with further on-site checks to verify whether the problems were resolved or the situation had improved. They paid more attention to whether the file was filled out and signed completely. If the problems remained, a new file could be produced next time. All in all, procedural control created an impressive "paper trail" system and a practice that, in the end, had no real influence on behavior. The idea was to make sure that safety managers could not be blamed. As one manager explained, "Even though we issue a fine, the work team may not seriously care about it. Then what could we do? We just followed the managerial rules to issue a fine. If an inspected actor doesn't want to change, it becomes his own business. But the fine itself can prove that we have fulfilled our duties and we have used up the available measures. Even if the top managers found that we failed to resolve the problem, at least, they can see the efforts that we have put in" (Int. M-III-XIAO). Organizational mangers issued fines to prove they had fulfilled their duties, not to actually reduce risk and enhance compliance. This echoes a classic argument holding that a bureaucratic system may result in situations where actors (such as the inner inspectors here) just seek to tick boxes (i.e. issue a fine) to relieve themselves from responsibility (see e.g. Crozier 1964). By doing so, they seemed to be managing their own risks and shifting blame and liabilities, regardless of whether it led to the reduction of risks or improving the situation.
The most worrying result of the organizational transmission processes and the challenges of fragmentation was that it resulted in a normalization of deviance (cf. Vaughan 1989Vaughan , 1997. The fragmentation of the construction projects created a space in which minor violations were accepted and normalized. As company managers faced subcontractors and headmen that would ignore, resist, or renegotiate their efforts at regulating safety, safety norms that had not been well established to start with could never develop further. The result was a constant erosion of safety norms as well as a continuous flow of norm-violating practices the managers would confront but not be able to act against. As a result, this also undermined the way company safety managers saw safety norms and compliance as they came to see prevalent illegal operation practices as "normal." As one project manager explained, 'There actually exist some flexible scales for discussing safety. If legal standards were fully implemented, no construction project could keep running. There are some gaps between theory and practice. It is, hence, normal that errors (i.e. illegal operations) exist in practice. The main difference lies in the amount of errors" (Int. M-II-LIU). In other words, illegal or unsafe practice-provided that it does not go beyond a certain extent-is acceptable and even perceived as reasonable in practice. Another manager, in Case III, also confirmed this opinion, "There exists a certain scale. Any violation outside of this scale, of course, cannot be accepted. However, people normally won't go beyond this scale as nobody hopes that something goes wrong" (Int. M-III-CHEN). However, in these interpretations, nobody could clearly explain what the so-called flexible or acceptable scale was.

Process IV: Individual Behavioral Response to Legal, Enforced, and Organizational Norms
The final part of this paper looks at how the legal and organizational norms reach the workers and affect their behavior. To study this, as we outlined in the methods section, we observed and then interviewed 183 workers across the three construction sites. This allowed us to understand their compliance behavior in practice, in relation to the three legal norms as explained in the methods section, and most importantly, it also allowed us to understand what shaped compliance and non-compliance. 1 In our sample we observed 152 workers to act in compliance with relevant safety standards and 31 in violation. At this most operational grassroots level, we found hardly any trace of knowledge of state law. Out of the 152 compliers interviewed, only 14 workers confirmed the existence of the three norms studied here, but even these 14 workers could not identify whether those rules originated from state law or the company safety rules. The other 138 workers interviewed did not identify the three norms as either legal or company safety rules, but instead as a form of operational habit amongst workers. The 31 workers observed to have been breaking one of these three norms, all fell within the category of workers who did not see these norms as legal or managerial safety rules, and instead indicated that what they were doing was a personal choice, and not something in relation to an external norm. When asked, "who will come to inspect the work?" the workers answered "manager," "boss," or "don't know," and nobody ever mentioned "the state regulator." This is not surprising, as we have already seen that state regulators had no direct contact with workers, nor did the company safety managers, who had to work through the sub-contractors and headmen who, as we saw, resisted their interference and did little to transmit what little knowledge of state law had been transmitted to them.
In short, this indicates that the enforced legal norms never reached the individuals. Theoretically this is not too surprising, as limited legal knowledge is highly prevalent, as studies about workers' knowledge of labor rights or ordinary citizens of basic criminal law have found a similar large knowledge deficit (Kim 1999;Darley, Carlsmith, and Robinson 2001;Kim 1999).
The majority of workers were, however, still in compliance. Somehow, even without detailed knowledge of worker safety rules and regulations, their behavior had become compliant. To understand what influenced their compliance behavior, we asked two types of questions in the interviews. First we asked about their perceptions of the key potential sources of influence, including deterrence from state authorities, the behavior of others, and their own morals. We then asked an open question requesting them to explain their own worker safety behavior in relation to the three norms we studied.
From this data we learned two things. First of all, we learned that workers did see a risk of being detected by company safety managers (overall about 65%), but these workers did not think there was a high chance that, once caught, they 1 We focused on three norms, i.e. the mandatory use of a helmet, the mandatory use of a safety rope, and the proper safe use of electricity. Such norms are practiced widely, regularly, and repeatedly on the construction site, which allows for a natural discussion of compliance or the lack of compliance. Of course there also exist other types of rules that are often violated; several tower cranes, for example, only share one land commander so that work teams do not wait but go direct to using the interphone to send the order; workers operate small machines without wearing protective glove; or workers use quick and simple access points rather than the formal exit passageway. It also happens that workers do not follow the operation flow, for example, as inthe case mentioned above, or the carpenters do not build the foundation support by themselves but make use of the shelves made by the scaffolders. The shelves have to sustain extra weight and become a new hazard, which caused a continuing conflict. We did not study these types of rules because they are not practiced as universally as our selected three norms.
Footnote 1 (continued) would be punished (overall about 14%; see Table 2 below). We also found that non-compliant workers thought there was a high chance they might get caught, and more so than compliant actors (74% compared to 63%), far fewer noncompliant workers saw a high chance of being punished (9.7% compared to 14.5%). The higher detection probability scores of workers violating the norms may well be explained by the fact that they were interviewed just after they had broken these norms. This makes these findings even more stark, because they still reported they did not think that there was a chance that they would receive a sanction for doing so.
A large group (58.5%, n = 107) of interviewees were vague about what would happen should a violating behavior be detected. Some workers replied that they had no idea about whether or how the company safety managers would take action, and some reported that they did not know whether sanctions existed.
This lack of knowledge about sanctions is not too surprising because the workers, as we just saw, had no contact with the state regulators and very limited contact with the company safety managers, who communicated mostly with the subcontractors or headmen. Theoretically, these findings also echo earlier work done on regulatory deterrence perceptions that found very limited knowledge among regulated actors of actual sanctions (Thornton, Gunningham, and Kagan 2005).
With so few workers seeing a high chance of being punished, the question remains why so many have complied with the three norms studied. To analyze this further, we also asked the workers about how they viewed the behavior of co-workers in relation to these three norms. We did so to see to what extent social norms were at play in their compliance behavior (Table 3).
Overall we see that, of all workers, only about 28% thought that most others would obey the law. We do clearly see a difference between compliant and non-compliant respondents, with the latter having far fewer (only about 7%) who thought that other workers were in compliance. The two groups are highly similar in reporting whether someone will break these three norms, with about 48% of compliant respondents and 52% of non-compliant respondents indicating that they would do so. As such, we see that the perception of a negative descriptive social norm (the practices of co-workers that break the law)-which existing psychological studies have found to be a key driver of rule breaking (Cialdini 2003(Cialdini , 2007Cialdini et al. 2006;Cialdini and Goldstein 2004;Steg 2008, 2011)-is evenly spread amongst compliers and non-compliers, and half of the compliers do see that violation is normal.
Thus, we still do not have a clear insight into why so many workers obey the law. They do not know either legal or company safety rules. They do not think it is likely they will be punished. Half of them think it is quite normal for someone to violate these norms. To better understand why these workers still complied, we must turn to the answers the workers gave when we posed open questions about how they used safety gear. What we find from these answers is that the workers have their own norms about safety that do not arise out of state legal norms or fear of punishment, but rather come out of their direct experience in every day work and what they think are the costs and benefits of safety gear. We saw, for instance, that in the group of compliant workers, nearly all (86.2%, n = 131) compliers indicated the benefits of properly using safety protection. One example is how workers talk about wearing helmets: "It helps to protect the head. With our job it is easy to get hurt. Look, there are many scratches on my helmet." "It can prevent falling objects, you need to take good care of yourself." "It's terrible even just a little stone falling down from above." "It's for your own safety, and also for the sake of all (family)." "If you wear it, you will feel relieved when working under the shelf or rebar" (Int. W-A04, W-A07, W-A16, W-A29, W-A41, W-B24, W-B35, W-C28, W-C39, W-C47, W-C52). Some workers would weigh the troubles and the benefits of helmets: "To be honest, wearing a helmet is sweaty. But you have no choice as the helmet still provides protection" (Int. W-C35). Similarly, workers explained why they used safety ropes: "When working in a high place, it is protection to wear a rope in case a high wind is coming, or you fall down accidentally" (Int. W-C35). They also explained their compliance with norms mandating safety procedures when using electricity: "If you just casually take electricity, who can guarantee that you won't get an electric shock?" (Int. W-A20). Within the group of compliers, using the proper safety gear and following safety procedures was not something that was externally directed by the law or company management, but was rather just in line with their own direct interest. There was thus naturally a good basis for a high level of voluntary compliance, where external incentives are not needed.
Not surprisingly, we found that non-compliant workers stressed the costs and trouble of using safety gear or following safety procedures. For instance, workers who did no wear a safety rope explained, "The requirement does not always fit very day practice. If I'm moving up and down, it's necessary to wear a rope; whereas if my work needs to move horizontally on a work platform, wearing a rope is inconvenient. How could it be possible that I have to keep on untying the rope and fixing to a new place all the time when working?" (Int. W-A58, W-A61, W-B12).
Non-compliant workers also described the temporary troubles that kept them from properly using safety gear: "It's just very hot. There is so much sweat in the helmet. So I just take it off for a while" (Int. W-A03, W-B22, W-B25). "Sometimes people just take it off for a moment when it's sweaty. It's normal. It doesn't mean he wants to violate" (Int. W-C12). They tended to define the current violation as temporary and thus innocuous. Some workers also indicated that following safety protocols did not offer any benefits. As one worker explained, "Connecting electricity is very simple. I can do it by myself. Why should I wait for the electrician?" (Int. W-A62, W-C39). In the group of non-compliers, practical inconvenience and lack of perceived benefits for compliance were the direct standards that guided their behavior, rather than external incentives through either the state or company regulation. At the most operational grassroots level of the organizations we studied, we found that, ultimately, behavior arose out of the individual norms of the workers, practical norms about what they saw as safe and unsafe and what they saw as convenient or troublesome. Compliance in the situation we have studied here, with its obstructed transmission from legal norms to enforced legal norms, from enforced legal norms to organizational norms, and from organizational norms to sub-organizational norms, ultimately was not transmitted into the behavioral norms of the workers. Rather, their norms operated inductively, with the workers learning from everyday practice, learning what is safe and what is not, and what is convenient and what not. Compliance, in the context of the very weak and fragmented governmental and company self-regulation, was ultimately an insulated grassroots process, on which the law and its enforcement or compliance management had little to no impact.

Conclusion
A traditional view of corporate compliance sees it as a process of legal rules entering into corporate organizations and ultimately shaping the individual behavior of corporate managers and workers. This paper has sought to understand the processes through which legal rules enter into such organizations and shape individual behavior. It offers a new qualitative operationalization of how such compliance occurs through four processes (legal to enforced norm, enforced to organizational norm, organizational to sub-organizational norm, and individual responses) at three frontlines (regulatory, managerial, and individual). The paper has highlighted how this framework can be used by conducting a series of multi-sited participant observations of all four processes at all three levels.
The paper has two core empirical findings. On the one hand, it finds that compliance was interrupted as legal norms were never successfully transmitted through enforcement into organizational norms and individual responses. Compliance transmission was interrupted at every one of these frontlines and during every one of the processes. In this case, only a very small part of the law was translated into enforced law, and that such law hardly entered the organization. We also found that organizational norms failed to enter the lower parts of the organization, and that neither the law nor the organizational norms featured prominently in the individual behavioral responses. All of this adds to our existing understanding about how legal norms compete with the norms of a social field (cf. Heimer 1999;Falk Moore 1973;Heimer 1999), while here showing how this plays out over multiple social fields, within the enforcement organization, regulated companies, and sub-units in the companies. Moreover, the analysis reveals that rather than just a competition between legal and social field norms, there is also a competition with individual personal norms.
The second empirical finding is that compliance can still occur when legal and organizational rules do not reach individuals in organizations. Even when compliance is interrupted at each frontline, as was the case in our study, individual behavior largely came to align with the rules of the law. In this case we found that this occurred because the personal norms of the workers happened to align with those of the law.
The present research shows that in the cases studied compliance was not a linear process where law gets to shape business conduct in a straight process from legal rules to enforced norms, to organizational norms to behavior. In our study, compliance comprised of the agency of many different actors both law enforcement officials, business compliance managers, line managers and individual employees. They did not act in a chronological, systematic and ordered way. Rather as we saw in this case employees may well decide to comply for their own reasons and not even knowing that in doing so they are following the law, even when all other actors for their own reasons have never successfully transmitted the legal rules into the organization.
These are findings from the particular regulatory and business settings we studied in China. We cannot directly generalize beyond these cases. What we can do though is ponder to what extent these findings are particular to these cases by exploring what core mechanisms were at play and contemplate whether these mechanisms may also be at play elsewhere. Here of course the cases we studied in Chine exist in an authoritarian and developing legal context, where regulators have limited autonomy, and where there have been structural instances of capture and corruption. All of these may well play a role in explaining our results, although we did not find direct evidence that they did. Another important particularity of the cases studied in China is the role of legal counsel. As explained in the methods section, legal counsel in China has until recently not been involved directly with everyday compliance processes, and nor did we find any trace of such involvement in the cases we studied. Thus, it may well be that in jurisdictions where there has been a more developed compliance function in an internal legal department or as a separate department run by lawyers that transmission of legal rules would have been more successful. Work by Edelman and Talesh has shown how in-house counsel play a role in the reception and transmission of legal norms into corporations, and by doing so adapt what the law is to the context of the corporation, thus changing its original meaning and function (Edelman 1992;Edelman et al. 1991;Edelman and Talesh 2011b). Such work, however has not traced the transmission of the law deeper into the company. So, at the moment there is no data to compare our findings to from jurisdictions with a more developed legal compliance function, and our findings, together with those of Edelman and Talesh may serve as starting points for future research replicating our study design in settings with a more developed legal compliance function.
Yet, on other aspects, the cases we studied had contexts that were comparable with those in other studies of regulatory compliance. From research in other regulatory domains, most importantly pollution regulation, we generally know that enforcement resources are limited and that there are too many legal rules at too many companies to inspect (van Rooij et al. 2018a, b). This is not only a problem in China, but regulatory enforcement generally entails inspectors making choices in what elements of the law to focus on and what industries to inspect (Kagan 1994), and as such in any case only parts of the law will be transmitted at only a part of all regulated companies. Our findings are also directly in line with research from across different jurisdictions and contexts that show that people generally do not know the law well and that they base their understanding of what rules apply on their own norms ( Van Rooij 2021 (Forthcoming)). Many legal systems are highly complex, and regulators and compliance managers in all jurisdictions will have limited resources to be able to transmit all laws in full detail. In other contexts than studied here this has led to a similar approach of enforced self-regulation where regulators come to depend on organizations themselves to ensure transmission and compliance (Hutter 2001;Fairman and Yapp 2005;Braithwaite 1982Braithwaite , 2011Ayres and Braithwaite 1992). And many larger regulated organizations have complex and fragmented structures that can obstruct successful internal rule transmission.
All of this points to a research agenda where other studies adopt a similar comprehensive frontline approach to study the transmission and reception of regulatory law from regulator to organization and within the organization to individual behavior.
By expanding the frontline approach to study regulation and compliance (Almond and Gray 2017) to look at the grassroots operation of regulatory enforcement, compliance management, and everyday work practices we not only see that regulation and compliance do not operate as simple top-down processes. In the cases studied, and most likely also in future studies in other contexts, the comprehensive frontline approach to regulatory compliance shows that law can come to play a very limited role in regulatory compliance. Once we trace the transmission of law, as we did in these cases, we saw that not only was its transmission and reception stunted, law did not play a role in the final compliant behavior. The cases studied here therefore do not fit the law-centered focus that has been implicit in most regulatory studies and force us to conceive of regulatory compliance beyond a focus on the law.

Compliance with Ethical Standards
Conflict of interest Benjamin van Rooij has received research grants from the Netherlands Scientific Organization. There are no conflicts of interest between these grants and the study submitted here.
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creat iveco mmons .org/licen ses/by/4.0/.